A new type of Trojan horse computer virus could result in mass attacks on banks, exposing the personal details of an unprecedented number of online banking customers.
Discovered by security software provider Kaspersky Labs, the Neverquest Trojan Banker has already been used in thousands of attempted cyber attacks on computers used for online banking. Kaspersky warns that the frequency of its use will only increase.
Further reading Cyber mercenaries 'hit and run' warning after Kaspersky Icefog hacker discovery Malware writers move in for the mobile kill Cryptolocker cyber-extortionists extend their deadline for infected users
In a post made on a closed forum used by cyber criminals, the creator of Neverquest claimed the malicious software could be deployed to attack "about 100 banks" via seeding add-on code to banking websites viewed using either Internet Explorer or Mozilla Firefox.
The poster, "Bonaparte", also claimed the Trojan is capable of launching an attack on "any bank in any country".
"After wrapping up several criminal cases associated with the creation and proliferation of malware used to steal bank website data, a few ‘holes' appeared on the black market," said Sergey Golovanov, Principal Security Researcher at Kaspersky Lab.
"New malicious users are trying to fill these with new technologies and ideas. Neverquest is just one of the threats aiming to take over the leading positions previously held by programs like ZeuS and Carberp."
Once deployed by cyber criminals, Neverquest enables the theft of user names and passwords of bank accounts, and all of the data entered into the websites.
The data theft enables cyber criminals to gain access to victims' online bank accounts and steal their money, frequently using the stolen cash to make investments on the stock market in order to launder their gains and make a larger return.
Kaspersky warns that standard anti-virus protection isn't enough to protect against the likes of Neverquest and that users should use a dedicated system to secure transactions.